Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1187
Views
0
Helpful
6
Replies

ASA5515 - Firepower CTRL + Protect enough for IPS to generate events?

Matthew burnley
Level 1
Level 1

‎01-14-2019 07:14 AM - edited ‎03-12-2019 07:13 AM

Hi all,

 

I've searched the internet high and low and cant find a definite answer to this one.  With the old ASA's with the firepower modules is CTR+PROTECT licenses enough for the IPS to work and generate IPS events in the event viewer (adsm) or FMC?  I know the signatures wont update so i guess will be stock, but i'm just after lab functionality.

 

I guess this will be useful to many people if somebody can confirm it.

 

Labels:
0 Helpful
6 Replies 6

Sheraz.Salim
VIP
VIP

‎01-14-2019 07:24 AM - edited ‎01-14-2019 07:36 AM

 Protection Control license never expire and this will enough for IPS/IDS.

if you looking for lab site. And if i were you than I install the vFTD with FMC and use the smart lice option by clicking the smart lic it will give you 90 days demo lic with full functionality. enough time for you to learn the product. (this will include all the feature like URL, MALWARE, Pro, Control).

 

I guess you have a ASA5515 does come with a SFR module. i find some more information for you

100.PNG101.PNG102.PNG

please do not forget to rate.
0 Helpful

Matthew burnley
Level 1
Level 1
In response to Sheraz.Salim

‎01-14-2019 07:52 AM

Thankyou Sharaz,

 

That's some good information right there, it does not specify if you can use the IPS functionality (not updated) with the ctr+protect licenses.  Do you know if you can use it and will it generate events with old sigs without the IPS license?

 

I didn't know about the VFTD 90 day free trial - ill have a look into that.

0 Helpful

Abheesh Kumar
VIP Alumni
VIP Alumni
In response to Matthew burnley

‎01-14-2019 07:56 AM

Hi,
With CTRL+PROTECT license you can enable IPS module on ASA and get the events if it triggers.
What do you mean by "old sigs without the IPS license"
0 Helpful

Matthew burnley
Level 1
Level 1
In response to Abheesh Kumar

‎01-14-2019 07:59 AM

I mean you don't get any signature updates unless you buy the IPS license but the IPS module will work and trigger IPS events.

 

thanks for clarifying.

0 Helpful

Abheesh Kumar
VIP Alumni
VIP Alumni
In response to Matthew burnley

‎01-14-2019 08:05 AM - edited ‎01-14-2019 08:06 AM

Its not like that, With CONTROL+PROTECT license you can enable IPS/IDS functionalities on a ASA having Firepower module and it can get the signature updates from cisco. There is no specific IPS license in Firepower module on ASA case.
When you buy FTD you will get only the base license for firewalling you need to buy additional Threat license for the IPS/IDS functionalities

HTH
Abheesh

0 Helpful

Sheraz.Salim
VIP
VIP
In response to Abheesh Kumar

‎01-14-2019 08:19 AM

with respect @Abheesh Kumar as long as @Matthew burnley need to learn the product the short way to get his hand dirty is to install a vFTD and vFMC and play around to lean the system. this will enhance his skill in regards to firepower at layer 7 with IPS/IDS, URL and Malware. once get understand the technology he can look the rest later. this is my thoughts on this.

please do not forget to rate.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card